diff options
Diffstat (limited to '')
| -rw-r--r-- | dot_config/neomutt/neomuttrc.tmpl | 2 | ||||
| -rw-r--r-- | dot_config/systemd/user/sbuild-update.service | 29 | ||||
| -rw-r--r-- | dot_config/systemd/user/sbuild-update.timer | 11 | ||||
| -rw-r--r-- | dot_config/systemd/user/timers.target.wants/symlink_sbuild-update.timer | 1 |
4 files changed, 42 insertions, 1 deletions
diff --git a/dot_config/neomutt/neomuttrc.tmpl b/dot_config/neomutt/neomuttrc.tmpl index d2b8811..1c93305 100644 --- a/dot_config/neomutt/neomuttrc.tmpl +++ b/dot_config/neomutt/neomuttrc.tmpl @@ -135,7 +135,7 @@ source "$XDG_CONFIG_HOME/neomutt/score.rc" source "$XDG_CONFIG_HOME/neomutt/color.rc" source "$XDG_CONFIG_HOME/neomutt/gpg.rc" -{{- if hasPrefix .chezmoi.homeDir "/sdf" }} +{{- if hasPrefix .chezmoi.homedir "/sdf" }} set from = 'Ryan Kavanagh <rak@sdf.org>' {{- end }} diff --git a/dot_config/systemd/user/sbuild-update.service b/dot_config/systemd/user/sbuild-update.service new file mode 100644 index 0000000..82c6bb3 --- /dev/null +++ b/dot_config/systemd/user/sbuild-update.service @@ -0,0 +1,29 @@ +[Unit] +Description=Update sbuild unshare chroot tarballs +ConditionACPower=true +Wants=network-online.target + +[Service] +Type=oneshot +ExecStart=%h/.local/lib/sbuild/update-chroots.sh +LimitNOFILE=131072 +IOSchedulingClass=idle +Nice=19 + +CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_CHOWN +IPAddressDeny=any +LockPersonality=true +MemoryDenyWriteExecute=true +NoNewPrivileges=true +PrivateTmp=true +PrivateDevices=true +PrivateNetwork=true +ProtectClock=true +ProtectControlGroups=true +ProtectHostname=true +RestrictAddressFamilies=AF_UNIX +RestrictNamespaces=true +RestrictRealtime=true +RestrictSUIDSGID=true +SystemCallArchitectures=native +SystemCallFilter=@system-service @chown diff --git a/dot_config/systemd/user/sbuild-update.timer b/dot_config/systemd/user/sbuild-update.timer new file mode 100644 index 0000000..2576e16 --- /dev/null +++ b/dot_config/systemd/user/sbuild-update.timer @@ -0,0 +1,11 @@ +[Unit] +Description=Update sbuild unshare chroot tarballs + +[Timer] +OnCalendar=daily +RandomizedDelaySec=1h +AccuracySec=6h +Persistent=true + +[Install] +WantedBy=timers.target diff --git a/dot_config/systemd/user/timers.target.wants/symlink_sbuild-update.timer b/dot_config/systemd/user/timers.target.wants/symlink_sbuild-update.timer new file mode 100644 index 0000000..24c026e --- /dev/null +++ b/dot_config/systemd/user/timers.target.wants/symlink_sbuild-update.timer @@ -0,0 +1 @@ +/home/rak/.config/systemd/user/sbuild-update.timer
\ No newline at end of file |